A Simple Web Server Log Analysis Script

Source: Internet
Author: User
For n reasons, the task of analyzing an intrusion log fell to me. The log is 1G; how do I analyze it quickly? Thorn kept saying I could write a script to parse it, load it into a database, and analyze it there... Forget it, that's too much of a pain; I just coded a script that pulls the problematic log lines out for analysis. So there's this little script. How you use it is up to you, haha. For example, match SQL injection statements first and note the IP; then change the script to use that IP as the feature, pull out its log lines, and analyze the intrusion process. It's fast, too: on my broken machine, a 1G log file takes a few seconds.

It's fun to write a program to complete tasks at work. Ha ha

Usage parameters: seay.py e:/1.log

    # coding=utf8
    # filename = seay.py
    import os
    import sys

    # Features to match; change them as you like (2.5 yuan per change)
    _tezheng = {'union', 'select', 'file_put_contents'}


    def checkfile(_path):
        # Read the whole log into memory; undecodable bytes are replaced
        # so that a malformed request line does not abort the run
        _f = open(_path, "r", errors="replace")
        _all_line = _f.readlines()
        _f.close()
        _count_line = 0
        _len_line = len(_all_line)
        _ex_str = ''
        print('Read over--')
        while _count_line < _len_line:
            _str = _all_line[_count_line]
            for _tz_str in _tezheng:
                # An "and" condition can be added here (this one costs more, 5 mao a time)
                if _tz_str in _str:
                    # Output format: matched feature + log line
                    _ex_str += _tz_str + _str + '\r\n'
            _count_line += 1
        # Write the matches next to the original log file
        _f1 = open(_path + '.seay.txt', "w")
        _f1.write(_ex_str)
        _f1.close()
        print('Find over--')


    if len(sys.argv) == 2:
        _file = sys.argv[1]
        if os.path.lexists(_file):
            checkfile(_file)
        else:
            print('File does not exist!')
    else:
        print('Parameter error')
        print(sys.argv[0] + ' FilePath')

The result file is written to the same directory as <original filename>.seay.txt; each entry is the matched feature followed by the log line.
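The workflow described above (match the features, note the IP, then pull every line from that IP to follow the intrusion) as an added example, not the original author's script. It assumes the combined log format with the client IP as the first field, URL-decodes and lowercases each request before matching, and runs on constructed sample lines; `normalize`, `find_suspect_ips` and `timeline` are hypothetical names.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

FEATURES = ("union", "select", "file_put_contents")  # same features as the script above
# Assumption: combined log format, client IP first, then [timestamp] and "request".
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)"')

# Constructed sample lines (documentation IP ranges), not taken from a real log.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Oct/2013:13:55:01 +0800] "GET /index.php HTTP/1.1" 200 5120',
    '192.0.2.10 - - [10/Oct/2013:13:55:36 +0800] "GET /news.php?id=1 HTTP/1.1" 200 2326',
    '192.0.2.10 - - [10/Oct/2013:13:56:02 +0800] "GET /news.php?id=1%20UNION%20SELECT%201,2,3 HTTP/1.1" 200 2411',
    '192.0.2.10 - - [10/Oct/2013:13:58:40 +0800] "POST /admin/login.php HTTP/1.1" 302 0',
    '198.51.100.7 - - [10/Oct/2013:13:59:00 +0800] "GET /select-plan.html HTTP/1.1" 200 900',
]

def normalize(request):
    """Decode twice and lowercase so UNION, %55NION and %2555NION all match 'union'."""
    return unquote_plus(unquote_plus(request)).lower()

def find_suspect_ips(lines):
    """Pass 1: map each client IP to the set of features seen in its requests."""
    hits = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        text = normalize(m.group(3))
        for feature in FEATURES:
            if feature in text:
                hits[m.group(1)].add(feature)
    return dict(hits)

def timeline(lines, ip):
    """Pass 2: every (timestamp, request) from one IP in log order, matched or not."""
    matches = (LINE_RE.match(line) for line in lines)
    return [(m.group(2), m.group(3)) for m in matches if m and m.group(1) == ip]

if __name__ == "__main__":
    # An IP with several features is a stronger lead than one substring hit
    # such as /select-plan.html, which is a false positive of plain matching.
    for ip, feats in sorted(find_suspect_ips(SAMPLE_LOG).items(), key=lambda kv: -len(kv[1])):
        print(ip, sorted(feats))
        for ts, req in timeline(SAMPLE_LOG, ip):
            print("   ", ts, req)
```

For a real log, pass an open file object instead of the list and call `seek(0)` on it between the two passes, so the 1G file is streamed rather than held in memory.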
